📰 Dev.to · Guatu

21 articles · Updated every 3 hours · View all reads

All Articles 69,668 Blog Posts 101,095 Tech Tutorials 16,941 Research Papers 14,958 News 12,702 ⚡ AI Lessons

Kubernetes RBAC: Building Least-Privilege Service Accounts

Dev.to · Guatu 14h ago

Kubernetes RBAC: Building Least-Privilege Service Accounts

Moving beyond cluster-admin for everything. A practical approach to scoping ServiceAccount permissions for production workloads and AI agents.

Cloudflare DNS-01: Fixing the Gap Between Automation and Reality

Dev.to · Guatu 3d ago

Cloudflare DNS-01: Fixing the Gap Between Automation and Reality

Moving beyond basic cert-manager setups to handle DNS-01 challenges, Kubernetes ndots resolution issues, and dynamic IP automation with Cloudflare.

Building Agent Skills: A Pattern for Discoverable Capabilities

Dev.to · Guatu 3d ago

Building Agent Skills: A Pattern for Discoverable Capabilities

Moving beyond basic tool-calling to a composable skill pattern that makes agent capabilities discoverable and reusable across different frameworks.

Longhorn Volume Health: The Gap Between 'Healthy' and Actually Working

Dev.to · Guatu 1w ago

Longhorn Volume Health: The Gap Between 'Healthy' and Actually Working

Stop trusting the Longhorn UI blindly. Learn to monitor replication, fix stale mounts, and manage snapshot bloat in production K8s storage.

Kyverno Admission Controllers: Policy-as-Code That Actually Works

Dev.to · Guatu 2w ago

Kyverno Admission Controllers: Policy-as-Code That Actually Works

Moving beyond the happy path of Kubernetes policy enforcement. Real-world Kyverno pitfalls, mutation loops, and the gap between docs and production.

Unprivileged LXC + Docker: The runc Sysctl Permission Trap

Dev.to · Guatu 4w ago

Unprivileged LXC + Docker: The runc Sysctl Permission Trap

Fixing the silent failure of sysctl settings when running Docker inside unprivileged Proxmox LXC containers.

AdGuard Home: Network-Wide DNS Filtering with Failover

Dev.to · Guatu 4w ago

AdGuard Home: Network-Wide DNS Filtering with Failover

Setting up AdGuard Home for network-wide DNS filtering with a robust failover strategy to prevent total internet outages.

Stop Merging Broken YAML: Kubernetes Manifest Validation in CI

Dev.to · Guatu 1mo ago

Stop Merging Broken YAML: Kubernetes Manifest Validation in CI

Don't let invalid manifests break your GitOps pipeline. Learn how to use kubeconform and Kyverno exclusions to catch errors before they hit production.

cert-manager + Cloudflare DNS-01: Automated TLS for Everything

Dev.to · Guatu 1mo ago

cert-manager + Cloudflare DNS-01: Automated TLS for Everything

Automating TLS with cert-manager and Cloudflare DNS-01 in Kubernetes

SealedSecrets Key Backup: Don't Lose Your Encryption Keys

Dev.to · Guatu ⚡ AI Lesson 1mo ago

SealedSecrets Key Backup: Don't Lose Your Encryption Keys

How to back up and recover SealedSecrets encryption keys in Kubernetes

Ollama on Kubernetes: Recreate Strategy and Single-GPU Deadlock

Dev.to · Guatu 1mo ago

Ollama on Kubernetes: Recreate Strategy and Single-GPU Deadlock

Deploying Ollama on Kubernetes can lead to GPU deadlocks. Here's how to avoid them.

Wildcard DNS + ndots:5: The TLS Nightmare and How to Fix It

Dev.to · Guatu 1mo ago

Wildcard DNS + ndots:5: The TLS Nightmare and How to Fix It

Kubernetes default DNS settings can cause TLS certificate mismatches when using wildcard DNS. Here is how to debug and fix it.

MQTT Broker Selection: HiveMQ vs Mosquitto for Industrial Use

Dev.to · Guatu 1mo ago

MQTT Broker Selection: HiveMQ vs Mosquitto for Industrial Use

Comparing HiveMQ and Mosquitto for industrial IoT: scalability, security, and reliability

Agent Credential Management: Two-Tier Service Accounts for Secure AI Agent Workflows

Dev.to · Guatu 1mo ago

Agent Credential Management: Two-Tier Service Accounts for Secure AI Agent Workflows

Managing agent credentials with two-tier service accounts: a secure approach for AI agent orchestration

Pod Disruption Budgets: Why kubectl drain Gets Stuck on Longhorn

Dev.to · Guatu 1mo ago

Pod Disruption Budgets: Why kubectl drain Gets Stuck on Longhorn

Pod Disruption Budgets can block kubectl drain on Longhorn. Here's how to avoid it.

Attention Residuals: How Kimi Is Rethinking Transformer Depth

Dev.to · Guatu 1mo ago

Attention Residuals: How Kimi Is Rethinking Transformer Depth

Kimi's Attention Residuals replace fixed residual connections with learned layer aggregation. What it means for LLM depth.

NVIDIA Container Toolkit: Why the Default Runtime Matters

Dev.to · Guatu 2mo ago

NVIDIA Container Toolkit: Why the Default Runtime Matters

Fixing default runtime misconfigurations in NVIDIA Container Toolkit for GPU workloads

Helm fullnameOverride: Naming Sanity in ArgoCD

Dev.to · Guatu 2mo ago

Helm fullnameOverride: Naming Sanity in ArgoCD

Avoid naming chaos in ArgoCD by using Helm fullnameOverride effectively

Building MCP Servers with FastMCP: Stop Writing Boilerplate, Start Writing Tools

Dev.to · Guatu 2mo ago

Building MCP Servers with FastMCP: Stop Writing Boilerplate, Start Writing Tools

FastMCP makes building Model Context Protocol servers feel like FastAPI. Here's how to go from zero to a working MCP server in under an hour.

GitOps for Homelabs: How ArgoCD App-of-Apps Scales Your Cluster

Dev.to · Guatu 2mo ago

GitOps for Homelabs: How ArgoCD App-of-Apps Scales Your Cluster

Managing a homelab Kubernetes cluster by hand eventually breaks you. Not in a dramatic way — in a...

Building a Production Homelab: Multi-Node Proxmox Cluster with Kubernetes

Dev.to · Guatu 2mo ago

Building a Production Homelab: Multi-Node Proxmox Cluster with Kubernetes

Most homelab content stops at "I installed Proxmox on a NUC." This post goes further — how I built a...